package com.zkane.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableOAuth2Sso    //开启EnableOAuth2Sso
@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true)  //开启接口权限控制
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Autowired
    MyAccessDeniedHandler accessDeniedHandler;
    @Autowired
    MyAuthenticationFailureHandler authenticationFailureHandler;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/index")
                .permitAll()
                .anyRequest()
                .authenticated();

        //认证失败处理上
        http.formLogin().failureHandler(authenticationFailureHandler).permitAll();
        //权限校验失败处理
        http.exceptionHandling()
                .accessDeniedHandler(accessDeniedHandler);
    }
}
